ietf-822

Re: authenticating the source of mail

2002-05-17 12:11:18


Keith Moore wrote:

providing this kind of information is as beneficial to the sender
as it is to the recipient.

right, but it only works for senders who always use the same relays.

I tried to account for that with the domain flag. An organization can
reference any number of individual hosts, or it can reference an entire
domain of hosts as valid senders if it so chooses:

| Any and all hosts in the mail.example.com domain are authorized relay
| servers for example.com:
|
|  [Answer Section]
|   example.com.           MS   1   mail.example.com.
|
|  [Additional-Data Section]
|   <empty>
|
| [the PTR for the current mail session should be examined, and if it
| resides within the specified domain, then it is authorized]

In your case, that flag could be applied to cs.utk.edu. Since your host
(astro.cs.utk.edu) is within that domain, it would be accepted as an
authorized sender.

If the host is in another domain, the remote domain can also be referenced,
either as a host-specific entry or a domain-wide entry.

What situation are you thinking about which would not work with this?

the appropriate way to look at this is ~"can the owner of a domain
use this to prevent forgeries from their domain" and "can the
recipients use this as a supplemental method for killing spam"
(the answer to both of those questions is "yes").

the answer to the first of the questions is "no, not in general".

Why not? Even though this would be an elective system, it would be
effective towards this purpose when it was used. Any reduction is some
reduction.

the answer to the second question is "yes, but it won't make much
of a difference unless most of the sources of spam use it"

Again, the principal benefit from validation is to make the remaining
evidence more actionable.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/
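
The receiver-side check described in the message above, as an added example that is not part of the original post or of any published specification. The tuple form `(target, domain_wide)` for an MS answer, the function names and the sample zone data are hypothetical; the forward lookup that confirms the PTR name maps back to the connecting address is an added step the message does not mention, included because a PTR is set by whoever runs the reverse zone.

```python
# Constructed sample data: documentation-range IPs, made-up relay names.
PTR = {  # reverse zone: client IP -> PTR name
    "192.0.2.10": "relay1.mail.example.com.",
    "192.0.2.20": "xmail.example.com.",          # string suffix matches, label suffix does not
    "198.51.100.7": "relay1.mail.example.com.",  # PTR claimed by an unrelated address
    "203.0.113.5": "astro.cs.utk.edu.",
}
ADDR = {  # forward zone: name -> addresses
    "relay1.mail.example.com": {"192.0.2.10"},
    "xmail.example.com": {"192.0.2.20"},
    "astro.cs.utk.edu": {"203.0.113.5"},
}
EXAMPLE_MS = [("mail.example.com.", True)]  # domain-wide entry, as in the message
UTK_MS = [("cs.utk.edu.", True)]            # the cs.utk.edu case from the message


def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()


def within_domain(host, domain):
    """True if host is the domain itself or below it, compared label by label.
    Treating the domain name itself as a member is an assumption."""
    h, d = normalize(host).split("."), normalize(domain).split(".")
    return len(h) >= len(d) and h[-len(d):] == d


def is_authorized_relay(client_ip, ms_records, ptr=PTR, addr=ADDR):
    """Apply the MS answers for the sender's domain to the connecting client."""
    name = ptr.get(client_ip)
    if name is None:
        return False  # no PTR, nothing to compare against
    if client_ip not in addr.get(normalize(name), set()):
        return False  # PTR name does not resolve back to this address
    for target, domain_wide in ms_records:
        if domain_wide and within_domain(name, target):
            return True
        if not domain_wide and normalize(name) == normalize(target):
            return True
    return False


if __name__ == "__main__":
    for ip in PTR:
        print(ip, PTR[ip], is_authorized_relay(ip, EXAMPLE_MS))
```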